fix: password reset not working

This commit is contained in:
grandeljay 2023-11-08 14:43:38 +01:00
parent 00d341fa85
commit 8d80c22bdc
4 changed files with 14 additions and 22 deletions

View file

@ -51,20 +51,7 @@ class Email
$renderer = new \Qferrer\Mjml\Renderer\ApiRenderer($api);
$html = $this->mjml;
if ('127.0.0.1' === $_SERVER['REMOTE_ADDR']) {
/**
* Ignore SSL certificate errors
*/
try {
$html = $renderer->render($this->mjml);
} catch (\Qferrer\Mjml\Exception\CurlException $th) {
error_log($th->getMessage());
error_log($this->mjml);
}
} else {
$html = $renderer->render($this->mjml);
}
$to = $this->to;
$subject = $this->subject;

View file

@ -546,4 +546,9 @@ class User
{
$this->advertisements = $advertisements;
}
public function getPasswordResetValidUntil(): int
{
return $this->password_reset_valid_until;
}
}

View file

@ -83,7 +83,7 @@ if (isset($_POST['reset'], $_POST['email'])) {
'password-reset-link',
$_SERVER['REQUEST_SCHEME'] . '://' .
$_SERVER['HTTP_HOST'] .
Page::PAGE_REGISTER . '&password-reset=' . $user->email . '&token=' . $token
Page::PAGE_REGISTER . '&password-reset=' . $user->getEmail() . '&token=' . $token
);
$emailReset->send();

View file

@ -71,8 +71,9 @@ if (isset($_POST['email'], $_POST['password']) && !empty($_POST['planet'])) {
*/
$userQuery = $database
->query(
'SELECT * FROM `users`
WHERE `email` = :user_email,
'SELECT *
FROM `users`
WHERE `email` = :user_email
AND `password_reset_token` = :user_password_reset_token',
array(
'user_email' => $user_email,
@ -83,13 +84,12 @@ if (isset($_POST['email'], $_POST['password']) && !empty($_POST['planet'])) {
if (false !== $userQuery) {
$user = new User($userQuery->fetch());
if (time() > $user->password_reset_valid_until) {
echo \date('d.m.Y H:i') . ' <= ' . \date('d.m.Y H:i', $user->getPasswordResetValidUntil()) . '.';
if (time() <= $user->getPasswordResetValidUntil()) {
$database
->query(
'UPDATE `users`
SET `password` = :user_password,
`password_reset_token` = NULL,
`password_reset_valid_until` = NULL
SET `password` = :user_password
WHERE `id` = :user_id;',
array(
'user_password' => User::passwordToHash($_POST['password']),